Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge "Changes to stored hashed password in backends. Using passlib a…
… password hashing library. Using sha512. Setting hashing to be the default behavior."
- Loading branch information
Showing
10 changed files
with
72 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
from keystone.backends import models | ||
import keystone.backends as backends | ||
from passlib.hash import sha512_crypt as sc | ||
|
||
|
||
def __get_hashed_password(password): | ||
if password != None and len(password) > 0: | ||
return __make_password(password) | ||
else: | ||
return None | ||
|
||
|
||
def set_hashed_password(values): | ||
""" | ||
Sets hashed password for password. | ||
""" | ||
if backends.SHOULD_HASH_PASSWORD: | ||
if type(values) is dict and 'password' in values.keys(): | ||
values['password'] = __get_hashed_password(values['password']) | ||
elif type(values) is models.User: | ||
values.password = __get_hashed_password(values.password) | ||
|
||
|
||
def check_password(raw_password, enc_password): | ||
""" | ||
Compares raw password and encoded password. | ||
""" | ||
if not raw_password: | ||
return False | ||
if backends.SHOULD_HASH_PASSWORD: | ||
return sc.verify(raw_password, enc_password) | ||
else: | ||
return enc_password == raw_password | ||
|
||
|
||
def __make_password(raw_password): | ||
""" | ||
Produce a new encoded password. | ||
""" | ||
if raw_password is None: | ||
return None | ||
hsh = __get_hexdigest(raw_password) | ||
return '%s' % (hsh) | ||
|
||
|
||
#Refer http://packages.python.org/passlib/lib/passlib.hash.sha512_crypt.html | ||
#Using the default properties as of now.Salt gets generated automatically. | ||
def __get_hexdigest(raw_password): | ||
return sc.encrypt(raw_password) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,6 +13,8 @@ sqlalchemy | |
webob | ||
Routes | ||
httplib2 | ||
#For Hashing | ||
passlib | ||
|
||
# Optional backend: LDAP | ||
python-ldap==2.3.13 | ||
|